Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

My Yahoo account was stolen and recovered, but now I'm getting suspicious emails. What should I do?


My free yahoo email account was stolen and a fake email was sent to my
contacts asking for money as I was in the U K and robbed. I did get my email
back but my contacts were deleted. After changing my password, I got an email
from the U K asking me to purchase their Firewall and computer protection. I
unsubscribed to that email. Should I have just deleted it? How else has my
computer been compromised? I am starting to get email with offers I did not
subscribe to, such as Publisher Clearing House email winner. Should I just
delete or unsubscribe which may be adding more viruses to my computer.

First, congratulations on getting your account back. Many people do not, and
end up losing the account permanently. That your contacts are gone is not
terribly surprising, though.

The real question that you might be asking yourself is “what else did they
do with my email account while they had control of it?”. Unfortunately, we may
never know.

So, what to do?


First, you should never, ever “unsubscribe” from email to which you did not actually subscribe. Spammers often use that as a way to validate that the email address they’re throwing spam at is actually being read by a real, live person. Unsubscribe, and you’ll probably end up getting even more spam.

“… you should never, ever ‘unsubscribe’ from email to which you did not actually subscribe.”

Second, it’s very likely that it’s not your computer that was compromised, just your Yahoo account. They managed to login to your account via the web from their own computer(s). Your computer was probably never involved.

I have to say “probably”, because of course things like spyware could have caused the problem in the first place – perhaps spyware on your machine allowed them to capture your password, for example. But typically these kinds of account compromises involve only the account, on the web, and nothing on your computer.


Now, someone else had your account for some period of time, and clearly they were using it at a minimum to send these bogus “I’m trapped in the UK” emails to your contacts.

What else did they do?

You’ll never know.

You can, of course, scan the sent mail folder to see if there’s anything interesting in there, but I’m guessing there won’t be. If they were able to get your account and wipe out your contacts, they were probably smart enough to erase anything that might have been placed in the sent mail folder while they had it.

So who knows what they did.

Of greater concern might be what else they did to your account. While they had access to your Yahoo account they had access to everything you keep in it. That could be any of the other services beyond email that Yahoo provides, as well as many services that allow you to use your Yahoo login for access.

You should check them all.

Similarly you should check your profile and account information for any personal information that may be kept there. The thieves may have that. You should remove it all, or change it, immediately to prevent the thieves from regaining access to your account. (I strongly suggest you read Is changing my password enough? – the answer is a resounding “No”.)

And of course, at a minimum it sounds like you’re getting more spam after your adventure. That’s not something you can really do much about.

In your shoes, I’d consider the account irreparably compromised. I would not delete it (eventually someone else could inherit your old email address), but I would remove all associations to other services, remove all personal information, and simply stop using it on any regular basis.

I’d create a new account and check the old one only periodically for email from people that don’t have your new address.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

3 comments on “My Yahoo account was stolen and recovered, but now I'm getting suspicious emails. What should I do?”

  1. My mom got both her yahoo and hotmail compromised. I ran MalwareBytes Anti-Malware and it found some malware which i removed. Not sure if the two are related, though.

    Here is another strange thing — every computer in our apartment building got the same malware except for mine! I have no idea how to explain this.

  2. “Here is another strange thing — every computer in our apartment building got the same malware except for mine! I have no idea how to explain this.”

    Generally viruses spread around a specific network. If lots of computers connect to a network and none of them have antivirus, one virus on one of the computers could infect all of the computers connected to that same network. That’s why some colleges and other places will give away antivirus software to use while using their network. It looks like you had antivirus installed, and therefore didn’t get a virus.

    This is also why you want to turn on your computer’s firewall whenever you share a network with computers you can’t trust.


  3. It’s gotten to the point where I don’t bother to unsubscribe, anymore. Even legitimate companies tend to ignore Unsubscribes after multiple attempts over a number of years. Since they so routinely ignore Unsubscribes, I simply report them as Spam. Just like physical junk mail, it goes straight to the garbage.

    I’m concerned about your use of the “this is spam” button. It can do real harm when used inappropriately. For example I do not spam, but if enough people “unsubscribe” from my newsletter by saying “this is spam” it will hurt my deliverability and my business. Unsubscribe from things you subscribed to. If you didn’t subscribe, or the unsubscribe requests (for things you subscribed to) are being ignore – then by definition “this is spam”.



Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.